SecureWorld Detroit

"For more than 22 years, SecureWorld has been tackling global cybersecurity issues and sharing critical knowledge and tools needed to protect against ever-evolving threats. Through our network of industry experts, thought leaders, practitioners, and solution providers, we collaborate to produce leading-edge, relevant content."

National Cyber Summit

"National Cyber Summit is the nation’s most innovative cyber security-technology event, offering unique educational, collaborative and workforce development opportunities for industry visionaries and rising leaders. NCS offers more value than similar cyber conferences with diverse focus-areas, premier speakers, and unmatched accessibility. Our core focus is on three things: education, collaboration and innovation."

InfoSec World 2024

"InfoSec World is the leading cybersecurity conference for security practitioners and executives. Now in its 30th year, InfoSec World has been known as the “Business of Security” conference—featuring expert insights, enlightening keynotes, and interactive breakout sessions that inform, engage, and connect the infosec community. This event provides participants with essential tools and solutions to better prevent, detect and respond to today’s security challenges."

"Microsoft Tackling Windows Logfile Flaws With New HMAC-Based Security Mitigation"

Microsoft is experimenting with a new security mitigation to combat the rise in cyberattacks involving the exploitation of vulnerabilities in the Windows Common Log File System (CLFS). The software maker will add a new verification step to CLFS logfile parsing to cover an attack surface attractive to Advanced Persistent Threats (APTs) and ransomware attackers.

Submitted by Gregory Rigby on

"North Korea's 'Citrine Sleet' APT Exploits Zero-Day Chromium Bug"

Last month, a North Korean intelligence threat actor exploited two novel vulnerabilities to steal from the cryptocurrency industry and fund the Kim Jong Un regime. Microsoft has revealed that an Advanced Persistent Threat (APT) within Bureau 121 of North Korea's Reconnaissance General Bureau, tracked as "Citrine Sleet," chained together previously unknown flaws in Windows and Chromium browsers. They also used a rootkit to gain deep system access before stealing from targets. This article continues to discuss findings regarding the Citrine Sleet APT.

Submitted by Gregory Rigby on

"Crypto Vulnerability Allows Cloning of YubiKey Security Keys"

YubiKey security keys can be cloned through a side-channel attack involving the exploitation of a vulnerability in a third-party cryptographic library. The attack, called "Eucleak," was demonstrated by NinjaLab. Yubico, the company behind YubiKey, has released a security advisory in response to this discovery. YubiKey hardware authentication devices allow users to securely access their accounts using FIDO authentication. The Eucleak attack exploits a vulnerability in an Infineon cryptographic library used by YubiKey and other vendors' products.

Submitted by Gregory Rigby on

"Red Teaming Tool Abused for Malware Deployment"

Threat actors are using MacroPack, a tool designed for red team exercises, to deploy malware. Cisco Talos researchers discovered several related Microsoft documents uploaded to VirusTotal between May and July 2024. All of them were created by a version of a payload generator framework, MacroPack. A variety of actors and countries, including China, Pakistan, Russia, and the US, uploaded the documents.

Submitted by Gregory Rigby on

"White House Addresses BGP Vulnerabilities in New Internet Routing Security Roadmap"

The White House has released a roadmap to address Internet routing security issues, specifically Border Gateway Protocol (BGP) vulnerabilities. BGP is used to exchange routing information between Autonomous Systems (AS) on the Internet, but this critical component was not designed with security in mind. Potentially serious vulnerabilities have been discovered in past years that can allow threat actors to redirect internet traffic. They can lead to disruptions to critical infrastructure, the theft of sensitive information, and more.

Submitted by Gregory Rigby on

"Halliburton Confirms Data Stolen in Cyberattack"

In a new update, US oil service giant Halliburton confirmed corporate data was stolen from its computer systems during an August ransomware cyberattack. The company noted that it is evaluating the nature and scope of the information. The company's acknowledgment of data loss comes just days after the US government pinned the blame for the cyberattack on a known ransomware gang called RansomHub. Halliburton employs about 55,000 people through hundreds of subsidiaries, affiliates, and brands in more than 70 countries.

Submitted by Adam Ekwall on

"Zyxel Patches Critical Vulnerabilities in Networking Devices"

Zyxel recently announced patches for multiple vulnerabilities in its networking devices, including a critical severity flaw affecting multiple access points (AP) and security router models. The critical bug, tracked as CVE-2024-7261 (CVSS score of 9.8), is described as an OS command injection issue that could be exploited by remote, unauthenticated attackers via crafted cookies. The company has released security updates to address the bug in 28 AP products and one security router model.

Submitted by Adam Ekwall on